public class UserAnnotationHandler extends AuthorizingAnnotationHandler
RequiresUser
annotation
is declared, and if so, ensures the calling Subject
is either
authenticated
or remembered via remember
me services before allowing access.
This annotation essentially ensures that subject.
.getPrincipal()
!= null
annotationClass
Constructor and Description |
---|
UserAnnotationHandler()
Default no-argument constructor that ensures this handler looks for
RequiresUser annotations. |
Modifier and Type | Method and Description |
---|---|
void |
assertAuthorized(Annotation a)
Ensures that the calling
Subject is a user, that is, they are either
authenticated or remembered via remember
me services before allowing access, and if not, throws an
AuthorizingException indicating access is not allowed. |
getAnnotationClass, getSubject, setAnnotationClass
public UserAnnotationHandler()
RequiresUser
annotations.public void assertAuthorized(Annotation a) throws AuthorizationException
Subject
is a user, that is, they are either
authenticated
or remembered via remember
me services before allowing access, and if not, throws an
AuthorizingException
indicating access is not allowed.assertAuthorized
in class AuthorizingAnnotationHandler
a
- the RequiresUser annotation to checkAuthorizationException
- if the calling Subject
is not authenticated or remembered via rememberMe services.Copyright © 2004-2016 The Apache Software Foundation. All Rights Reserved.